Bermondsey Carpet Cleaning Privacy Policy

This Privacy Policy explains how Bermondsey Carpet Cleaning collects, uses, stores and protects personal data relating to its customers in the Bermondsey area. It also explains your rights under the UK General Data Protection Regulation and related data protection laws. By using our cleaning services, making an enquiry or otherwise providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all Bermondsey Carpet Cleaning customers and prospective customers in the Bermondsey area. It covers data collected in person, by telephone, via online enquiry forms, through social media messaging and through any other direct communication with us. This Privacy Policy does not apply to the practices of third parties that we do not own or control, including independent comparison sites or platforms where our services may be listed.

Data Controller

Bermondsey Carpet Cleaning is the data controller in respect of the personal data we process about you. This means we decide how and why your personal data is used, and we are responsible for ensuring that it is handled lawfully and securely. When this Privacy Policy refers to we, our or us, it means Bermondsey Carpet Cleaning acting as data controller.

Personal Data We Collect

We only collect personal data that is relevant for providing our carpet and upholstery cleaning services, managing our relationship with you and complying with legal obligations. The categories of data we may collect include.

Identification information such as your name and, where relevant, company name or flat number.

Contact information such as your billing address, service address, and any alternative contact address you give us.

Communication details such as your preferred contact methods and records of communications you send us, including service requests, complaints, feedback, and other enquiries.

Service details such as details of the property or premises that require cleaning, including room types, floor coverings, access information and special instructions.

Booking and transaction information such as dates and times of appointments, services requested, prices quoted, invoices, payments, refunds and related accounting records.

Technical and usage information such as basic technical information contained in emails, and information you choose to provide through online forms or direct messages on social media platforms. We do not carry out behavioural profiling or automated decision making based on this data.

Lawful Basis for Processing

We rely on several lawful bases under the UK GDPR to process your personal data.

Contract. We process your personal data when it is necessary to enter into or perform a contract with you. This includes taking bookings, confirming appointments, providing cleaning services and managing payments.

Legal obligation. We process certain information to comply with legal obligations, such as maintaining financial records for tax and accounting purposes and responding to lawful requests from public authorities.

Legitimate interests. We process your personal data where it is necessary for our legitimate business interests and where your interests and fundamental rights do not override those interests. These legitimate interests include managing our business, improving our services, handling enquiries and complaints, and maintaining accurate records of our interactions with customers.

Consent. In limited circumstances, we may rely on your consent, for example, where the law requires consent to send you certain types of marketing communications. Where we rely on consent, you have the right to withdraw it at any time.

How We Use Your Personal Data

We use your personal data for the following purposes.

To respond to enquiries and provide quotations for our services.

To schedule, manage and carry out carpet and upholstery cleaning appointments.

To communicate with you about your bookings, including confirmations, updates, rescheduling and follow up queries.

To process payments, issue invoices, receipts, credit notes and manage any refunds or disputes.

To manage our relationship with you, including handling feedback, complaints and customer service queries.

To maintain internal records for business administration, accounting and auditing purposes.

To comply with applicable laws, regulatory requirements and requests from public authorities, where we are legally required to do so.

We do not sell or rent your personal data to third parties.

Data Sharing and Processors

We may share your personal data with trusted third parties who act as data processors on our behalf. These processors only process your data under our instructions and are subject to contractual obligations to implement appropriate technical and organisational measures to protect your data.

Categories of processors may include.

Payment processing providers used to securely handle card or electronic payments.

Bookkeeping and accountancy service providers who assist us with financial records and reporting.

IT and cloud service providers who host or support our scheduling, email and data storage systems.

Professional advisers such as auditors or legal advisers where necessary to protect our business or comply with legal obligations.

We may also disclose personal data to public authorities, regulators or law enforcement agencies where required by law or where necessary to protect our rights, property or safety or the rights, property or safety of others.

International Transfers

Where any of our service providers or cloud storage solutions involve the transfer of personal data outside the United Kingdom, we will ensure that appropriate safeguards are in place. These may include the use of recognised adequacy decisions or standard contractual clauses approved for international data transfers. We will take steps to ensure that your personal data continues to receive a level of protection that is essentially equivalent to that provided in the United Kingdom.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting or reporting requirements.

In general.

Core customer and booking records are kept for up to six years from the end of our relationship with you, to comply with tax and accounting obligations and to address any potential legal claims.

Routine service communications and enquiries that do not lead to ongoing services may be retained for a shorter period, normally up to two years.

Where we rely on your consent for specific types of marketing communication, we keep the relevant data until you withdraw your consent or object to the processing, after which we will stop the relevant processing and delete or anonymise the data where appropriate.

When personal data is no longer required, we will securely delete or anonymise it.

Your Data Protection Rights

Under the UK GDPR, you have several rights in relation to your personal data.

Right of access. You can request a copy of the personal data we hold about you and information on how we process it.

Right to rectification. You can ask us to correct or complete any inaccurate or incomplete personal data we hold about you.

Right to erasure. You can request that we delete your personal data where there is no good reason for us to continue processing it, subject to legal and regulatory obligations that may require us to keep certain records.

Right to restriction of processing. You can ask us to restrict the processing of your personal data in certain circumstances, for example while we verify its accuracy or assess an objection you have raised.

Right to data portability. In some circumstances, you may request that we provide your personal data to you or to a third party in a structured, commonly used and machine readable format.

Right to object. You can object to processing of your personal data based on our legitimate interests, and we will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms or the processing is needed for legal claims. You always have the right to object to direct marketing.

Right to withdraw consent. Where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

You also have the right to lodge a complaint with the Information Commissioner's Office if you are unhappy with how we handle your personal data. We would welcome the opportunity to address your concerns directly before you contact the supervisory authority.

Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage. These measures include access controls, secure storage arrangements, staff awareness and procedures designed to ensure that personal data is handled responsibly. While we take reasonable steps to protect your data, no system can be completely secure and we cannot guarantee absolute security.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology or our business operations. Any changes will take effect when the updated version is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.